[issue15740] test_ssl failure when cacert.org CA cert in system keychain on OSX
Ned Deily
report at bugs.python.org
Tue Aug 21 05:45:29 CEST 2012
Ned Deily added the comment:
As Ronald is aware, there is also the issue that Apple has deprecated use of OpenSSL in OS X:
"Although OpenSSL is commonly used in the open source community, OpenSSL does not provide a stable API from version to version. For this reason, although OS X provides OpenSSL libraries, the OpenSSL libraries in OS X are deprecated, and OpenSSL has never been provided as part of iOS. Use of the OS X OpenSSL libraries by applications is strongly discouraged.
If your application depends on OpenSSL, you should compile OpenSSL yourself and statically link a known version of OpenSSL into your application."
In OS X 10.7, for instance, OpenSSL is at 0.9.8r. I think the same is true for 10.8. We should probably bite the bullet here and do as Apple urges, that is, supply our own libssl 1.0.x for the python.org OS X installer builds.
http://developer.apple.com/library/mac/#documentation/security/Conceptual/cryptoservices/GeneralPurposeCrypto/GeneralPurposeCrypto.html
----------
nosy: +ned.deily
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue15740>
_______________________________________
More information about the Python-bugs-list
mailing list